Firefox 99 (mozilla.org)
33 points by nimar 1535 days ago
1 comments

> The Linux sandbox has been strengthened: processes exposed to web content no longer have access to the X Window system (X11).

That is a very significant step. I wonder if this applies to Wayland users as well or if this was already a non-issue.

It's less of an issue on Wayland.

Clients can't randomly snoop on what others are doing (e.g., record keystrokes while in the background).

There's still _some_ attack surface on Wayland, but less than there was on Xorg.

BTW: Not sure if this feature was implemented for Wayland, but it sounds like it wasn't.

I wonder if this will break the hardware acceleration I've enabled to run in Firefox in X11 by using the VAAPI flags/etc.

The issue with Xorg is that it runs as root by default (there seem to be ways to run it as non-root according to Gentoo Wiki, but I'm pretty sure most popular distros run it as root).

One of the selling points of Wayland is that it does not.

EDIT: See child replies. I have outdated info.

I don't think most distributions run X as root anymore. But it does generally have a lot of access as it can open apps and log keys.

XWayland definitely doesn't run as root, but still has a lot of access to any X applications that you are running.

Thanks for pointing that out. I'm not up to date on this.